PCNSE Question #815: Real Exam Question with Answer & Explanation

Question

An administrator is tasked to provide secure access to applications running on a server in the company's on-premises datacenter. What must the administrator consider as they prepare to configure the decryption policy?

Options

• AEnsure HA3 interfaces are configured in a HA pair environment to sync decrypted sessions.
• BObtain or generate the server certificate and private key from the datacenter server.
• CObtain or generate the self-signed certificate with private key in the firewall
• DObtain or generate the forward trust and forward untrust certificate from the datacenter server.

Explanation

When configuring a decryption policy to provide secure access to applications running on a server, the administrator needs to decrypt the SSL/TLS traffic between clients and the server. To achieve this, the firewall needs access to the server certificate and private key used by the datacenter server to establish secure connections. This is crucial for the firewall to perform the decryption operation and inspect the traffic. Obtain or generate the server certificate and private key from the datacenter server: This is necessary because the firewall will need to decrypt the traffic using the certificate and the associated private key. The server certificate verifies the identity of the server, while the private key is used to decrypt the secure communication.

No community discussion yet for this question.